Finding DNS static records

January 29, 2017

An interesting question from the forums about finding DNS static records


You can view the records in a DNS zone

Get-CimInstance -Namespace root\MicrosoftDNS -ClassName MicrosoftDNs_Atype -ComputerName W16DC01  -Filter "DomainName = ‘manticore.org’" |
select OwnerName, Timestamp, IPAddress


but how do you know which are static records.


There isn’t an obvious way to do it but if you dig into the records (hint create a static record and look at the differences) you’ll see that static records have a timestamp of 0


So to see just the static records

Get-CimInstance -Namespace root\MicrosoftDNS -ClassName MicrosoftDNs_Atype -ComputerName W16DC01 -Filter "DomainName = ‘manticore.org’ AND Timestamp = 0" |
select OwnerName, Timestamp, IPAddress


Rather than using the CIM class directly it’s simpler to use the cmdlets from the DNSserver module – install the remote admin tools to get access.


To view the A type records

Get-DnsServerResourceRecord -ComputerName W16DC01 -ZoneName ‘manticore.org’ -RRType A


To view the static records only

Get-DnsServerResourceRecord -ComputerName W16DC01 -ZoneName ‘manticore.org’ -RRType A |
where {-not $_.TimeStamp}


Notice that you’re checking for the absence of a timestamp

